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DETAILED ACTION 
Continued Examination Under 37 CFR 1.114 

1. A request for continued examination under 37 CFR 1.114, including the fee set forth in 
37 CFR 1.17(e), was filed in this application after final rejection. Since this application is eligible 
for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1.17(e) has 
been timely paid, the finality of the previous Office action has been withdrawn pursuant to 37 
CFR 1.114. Applicant's submission filed on 10/16/2006 has been entered. 

2. It is noted that while Applicant has submitted claim amendments, arguments responsive 
to the previous Office action (Advisory Action, dated: 10/13/2006) were not submitted therefore 
the rejection is maintained. 

Claim Rejections - 35 USC § 102 

The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the 
basis for the rejections under this section made in this Office action: 
A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public 
use or on sale in this country, more than one year prior to the date of application for patent in the United 
States. 

3. Claims 1-6, 13-16 and 21 are rejected under 35 U.S.C. 102(b) as being anticipated 
by Hopkins in US Patent 5,757,918 (hereinafter US '918). 

4. As it relates to claim 1 , US '91 8 teaches: 

A method for authenticating a data set between a proving unit and a verifying unit, which 
comprises the steps of (see US l 918: Abstract): 

a) communicating the data set from one of the proving and verifying units to a respective other 
of the proving and verifying units such that the data set is in an unencrypted form to both the 
proving and verifying units after completing step a) (see US '918: column 3, lines 13-14); 

b) generating at least one data element in the verifying unit (see US '918: column 3, line 26);. 
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c) using the verifying unit to encrypt the data element in a first cryptographic encryption method 
using a public key of the proving unit resulting in at least one encrypted data element, and the 
public key is known to the verifying unit (see US '918: column 4, lines 39 - 40); 

d) communicating the encrypted data element from the verifying unit to the proving unit (see US 
'91 8: column 4, lines 42 - 44); 

e) using the proving unit to decrypt the encrypted data element in a first decryption method, 
assigned to the first cryptographic encryption method, using a private key known only to the 
proving unit (see US '918: column 3, lines 27 - 28); 

f) using the proving unit to calculate, from the data set to be authenticated, in a second 
cryptographic method, an authenticator dependent on the data element (see US '918: column 3, 
lines 25-30); 

g) communicating the authenticator from the proving unit to the verifying unit (see US 918: 
column 3, lines 25 - 30); 

h) using the verifying unit to check the authenticator with an aid of an authentication checking 
algorithm, assigned to the second cryptographic method using the data element and the data 
set (see US '918: column 3, lines 31 - 33); and 

i) accepting the data set as communicated by the proving unit to the verifying unit is dependent 
on a result of the check performed in step h) (see US '918: column 3, lines 34 - 37). 

For claim 2, US '91 8 teaches: 
The method according to claim 1, which further comprises during the step a), using the proving 
unit to communicate the data set in unencrypted form to the verifying unit (see US '918: column 
3, lines 13- 14). 

For claim 3, US '91 8 teaches: 
The method according to claim 1 , which further comprises using the verifying unit to generate 
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the data set as a random element and subsequently, in the step a), communicating the data set 
to the proving unit (see US '918: column 3, lines 13 - 14). 

For claim 4, US '918 teaches: 
The method according to claim 1, which further comprises during the step h): 
forming the authentication checking algorithm to be substantially identical to the second 
cryptographic method for authenticator generation; 

applying the authentication checking algorithm by the verifying unit to the data element and the 
data set for forming a reference authenticator; and 

comparing the reference authenticator with the authenticator (see US '918: column 3, lines 31 - 
33, 54 - 60 and column 4, lines 39 - 40). 

As for claim 5, US '918 teaches: 
The method according to claim 1 , which further comprises during the step h): 
forming the authentication checking algorithm with a decryption method corresponding to the 
second cryptographic method for generating the authenticator for an associated encryption 
method; 

applying the authentication checking algorithm by the verifying unit to the authenticator by 
decryption for forming a reference data element and a reference data set; and 
comparing the reference data element and the reference data set with the data element and the 
data set (see US '918: column 3, lines 54 -60 and column 4, lines 39 - 40). 

As for claim 6, US '918 teaches: 
The method according to claim 1, which further comprises: 

repeating steps b), c), d) and e) for generating at least one further data element before 
performing the step f); and 
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using the proving unit to encrypt the data set to be authenticated in step f) in a manner 
dependent on the data element and the further data element to form the authenticator (see US 
'91 8 column 2, lines 46 - 48 and column 4, lines 42 - 44). 

As for claim 13, US '918 discloses: 
The method according to claim 1, which further comprises performing the following steps before 
performing step b): 

using the proving unit to communicate the public key with a certificate of a trust center; 
using the verifying unit to check a validity of the public key of the proving unit using a 
certification method; and 

using the verifying unit to continue the communication with the proving unit in a manner 
dependent on a result of the check (see US '918: column 2, line 56 - column 3, lines 1 - 5). 

For claim 14, US '918 teaches: 
The method according to claim 1, which further comprises: 
forming the proving unit as an integrated circuit on a smart card; and 
forming the verifying unit as a smart card terminal (see US '918: column 2, lines 27 - 29). 

As for claim 15, US '918 teaches: 
The method according to claim 1, which further comprises forming the proving unit as an 
integrated circuit in an identification/authentication token which is fixedly connected to a non- 
localized object (see US '918: column 4, lines 58 - 66). 

As for claim 16 and 21 , US '918 teaches: 
The methods according to claims 14 and 15 respectively, which further comprises performing 
the communication between the proving unit and the verifying unit contactlessly (see US '918: 
column 2, lines 32 -36). 
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Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

5. Claims 7-12 and 17-20 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Hopkins (US Patent 5,757,918) in view of Miyaji et al. in US Patent 5,272,755. 

6. Regarding claims 7 and 8, Hopkins discloses: 

carrying out the first cryptographic encryption method and the first decryption method (see US 
'918: column 3, lines 31 - 33, 54 - 60 and column 4, lines 39 - 40) 
but does not show 

using discrete exponentiation in a semigroup or using an algorithm based on elliptical curves (as 
in claims 7 and 8 respectively). 

Miyaji et al. however does disclose using discrete exponentiation in a semigroup (see 
US 755: column 12, line 28) and using an algorithm based on elliptical curves (see US 755: 
column 15, lines 7-22). 

For claims 7 and 8, it would be obvious to one of ordinary skill in the art at the time of the 
invention to modify the first cryptographic encryption method of Hopkins to use discrete 
exponentiation in a semigroup as in Miyaji et al. The motivation for doing so would have been 
to reduce costs and the technical implementation outlay in the authentication of data while 
providing a high degree of security. 

As for claims 9 and 17, Hopkins discloses: 
performing the first cryptographic encryption method using the verifying unit, 
using the verifying unit to calculate an element, 
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using the verifying unit to calculate from the public key, and 
using the verifying unit to encrypt the at least one data element, 
but does not teach 

generating] a number t e T, where T is a subrange of integers; 
or 

calculating] element h f(t) e H, where f : T ->T is a mapping into a subrange T of the integers, 
which is not necessarily different from T, H represents a multiplicatively written semigroup 
generated by element h, with a discrete exponentiation of a base h as a one-way function in the 
semigroup H; 
or 

[calculating] k pub = h f(d) e H, element tt (k pub f(t) ) e G, where tt : H -> G specifies a mapping of the 
semigroup H into a group G, d = k prjv e T is the private key which is accessible only to the 
proving unit, and a mapping t ->h f(t) -> tt (k f(t) ) from the subrange of the integers T to the group 
G represents a one-way function; and 
or 

[encrypting] z, by a combination with respect to the encrypted data element, z' = z ° tt (k pub f(t) ) e 
G. 

Miyaji et al. however does show 
generating] a number t e T, where T is a subrange of integers; 

using the verifying unit to calculate element h f(t) e H, where f : T ->T is a mapping into a 
subrange T of the integers, which is not necessarily different from T, H represents a 
multiplicatively written semigroup generated by element h, with a discrete exponentiation of a 
base h as a one-way function in the semigroup H; 
and 
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calculating] k pub = h f(d) e H, element tt (k pub f(t) ) e G, where tt : H -> G specifies a mapping of the 
semigroup H into a group G, d = k priv e T is the private key which is accessible only to the 
proving unit, and a mapping t ->h f(t) -> tt (k f(t) ) from the subrange of the integers T to the group 
G represents a one-way function; and 

encrypt[ing] the at least one data element, z, by a combination with respect to the encrypted 
data element, z' = z • tt (k pub f(t) ) e G (see US 755: column 1 , lines 40 - 50, column 1 1 , lines 68 - 
column 12, lines 1-9: where it is obvious that if the GF (2 n ) computations are employed then 
instance arithmetic calculations are relied upon). 

For claims 9 and 17, it would be obvious to one of ordinary skill in the art at the time of 
the invention to modify the first cryptographic encryption method of Hopkins to incorporate the 
discrete exponentiation in a semigroup as in Miyaji et al. The motivation for doing so would have 
to reduce costs and the technical implementation outlay in the authentication of data while 
providing a high degree of security. 

Regarding claims 10 and 18, Miyaji et al. in view of Hopkins teaches as a method 
according to claim 9, which further comprises during the step d), in addition to the encrypted 
data element, using the verifying unit to communicate the element h f(t) e H to the proving unit 
(see US '918: column 3, lines 26 - 27). 

As for claims 1 1 and 1 9, US '91 8 teaches: 
performing the first cryptographic decryption method, 

using the proving unit to calculate the element and inverse element (see US '918: column 3, 
lines 25 -30) and 

using the proving unit to decrypt the encrypted data element (see US '918: column 3, lines 27 - 
28) 

but does not disclose: 
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calculating] k pub f(t) e H using function f, the element h f(t) e H and the private key d known only to 
the proving unit; or 

calculating] an inverse element tt' (k pub f(t) ) e G with respect to element tt (k pub f(t) ) e G; and 
decrypting] the encrypted data element by a combination of the encrypted data element with 
inverse element: z = z' ° tt' (kp Ub f(t) ), where the first cryptographic decryption method is based on 
the same mappings f, tt and the same combination ° as the first cryptographic encryption 
method. 

Miyaji et al. however does show 
calculating] k pub f(t) e H using function f, the element h f(t) e H and the private key d known only to 
the proving unit; or 

calculating] an inverse element tt' (k pub f(t) ) e G with respect to element tt (k pub f(t) ) e G; and 
decrypting] the encrypted data element by a combination of the encrypted data element with 
inverse element: z = z' ° tt' (k pub f(t) ), where the first cryptographic decryption method is based on 
the same mappings f, tt and the same combination ° as the first cryptographic encryption 
method (see US 755: column 1 , lines 40 - 50, column 1 1 , lines 68 - column 1 2, lines 1-9). 

For claims 1 1 and 19, it would be obvious to one of ordinary skill in the art at the time of 
the invention to modify the first cryptographic decryption method of Hopkins to incorporate the 
inverse calculation of the discrete exponentiation as in Miyaji et al. The motivation for doing so 
would have been to reduce costs and the technical implementation outlay in the authentication 
of data while providing a high degree of security. 

Regarding claims 12 and 20, US '918 discloses: 
performing the second cryptographic method, using the proving unit to calculate, using the 
proving unit to transform the data set (see US '918: column 3, lines 25 - 30) 
but does not teach 
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calculating] from at least one unencrypted data element z, an element g 2 = ffi (z) e Gi and an 
element g 2 = tt 2 (z) e G 2 , where G. r and G 2 represent groups where Gi subset G 2 and jx^ : G -> 
G<\ and tt 2 : G -> G 2 represent functions which map elements of the group G onto the groups d 
or G 2 ; 

transforming] the data set to be authenticated m, to form an element g' = (g 1 * m) with a group 
combination * in d; and 

calculating] D, by D = inj (g 1 ) • g 2 with the group combination • in G 2l where the mapping inj : G^ 
G 2 maps elements from injectively into G 2 . 
Miyaji et al. however does show 
calculating] from the at least one unencrypted data element z, an element g 2 = TTi (z) e Gi and 
an element g 2 = tt 2 (z) e G 2 , where G^ and G 2 represent groups where Gi subset G 2 and tt-i : G 
-> Gi and tt 2 : G -> G 2 represent functions which map elements of the group G onto the groups 
d or G 2 ; 

transforming] the data set to be authenticated m, to form an element g' = (gi * m) with a group 
combination * in Gi; and 

calculating] D, by D = inj (g') • g 2 with the group combination • in G 2 , where the mapping inj : Gi 
-> G 2 maps elements from Gi injectively into G 2 (see US 755: column 1 , lines 40 - 50, column 
1 1 , lines 68 - column 1 2, lines 1-9). 

For claims 12 and 20, it would be obvious to one of ordinary skill in the art at the time of 
the invention to modify the second cryptographic method of Hopkins to incorporate the injective 
mapping of elements as in Miyaji et al. The motivation for doing so would have been to reduce 
costs and the technical implementation outlay in the authentication of data while providing a 
high degree of security. 
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Conclusion 



7. Any inquiry concerning this communication or earlier communications from the examiner 
should be directed to Laurel Lashley whose telephone number is 571-272-0693. The examiner 
can normally be reached on Monday - Thursday, alt Fridays btw 7:30 am & 5 pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Gilberto Barron, Jr. can be reached on 571-272-3799. The fax phone number for 
the organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private 
PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you 
would like assistance from a USPTO Customer Service Representative or access to the 
automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

Laurel Lashley 
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